Raritan Computer DKSX880 User Manual

PPENDIX

C: RADIUS S

ERVER

ETTINGS

Appendix C: RADIUS Server Settings

This appendix discusses the RADIUS server and how it interacts with Dominion KSX to accommodate Dominion
KSX as a RADIUS client. For information on designating the Dominion KSX unit itself as a RADIUS client, see the
Radius Configuration section in Chapter 4: Administrative Menus.

RADIUS Authentication Priority and Flowchart

When Dominion KSX is configured to utilize RADIUS authentication, user login attempts are first checked against
Dominion KSX’s internal username and password list. (At least one username/password pair, for the “admin” user,
must exist in the Dominion KSX database). Should the login attempt fail and Dominion KSX is configured to utilize
an external RADIUS server, Dominion KSX then consults the RADIUS server for completing authentication. This
process flow is illustrated below.

LOGIN ATTEMPT

User Name & Password Entry

IP-Reach Database

Username & Password

Profiles

Entered on

IP-Reach

by System Administrator

Match Found

(User Name & Password)

exactly matches a user profile

in the

IP-Reach

database

Match NOT Found

match any user profiles in the

IP-Reach

database

IP-Reach

Database

Permissions Used

See Figure 54

–

User

Accounts Settings

Screen

Authentication

Request Sent To

RADIUS Server

Query for matching

User Name and

Password

END OF AUTHENTICATION

Match NOT Found

END OF AUTHENTICATION

Acceptance

RADIUS Database Used

RADIUS Permission Authorization

Attributes are primary

Match Found

matches a user profile in the RADIUS database

RADIUS

Accepts or

Challenges

Challenge

See Figure 75 & 76

END OF AUTHENTICATION

RADIUS Sends

Challenge Query

back to user

Acceptance after Challenge

RADIUS Database Used

RADIUS Permission Authorization

Attributes are primary

END OF AUTHENTICATION

Challenge Response

Not Accepted

END OF AUTHENTICATION